HP procurve 2500 Manual De Usuario

    32

Enhancements in Release F.05.05 through F.05.60

iv. If the client is successfully authenticated and authorized to connect to the network, 

then the server notifies the switch to allow access to the client. Otherwise, access is 
denied and the port remains blocked.

•

If 802.1X (port-access) on the switch is configured for local authentication, then:

i.

The switch compares the client’s credentials with the username and password config-
ured in the switch (Operator or Manager level).

ii.

If the client is successfully authenticated and authorized to connect to the network, 
then the switch allows access to the client. Otherwise, access is denied and the port 
remains blocked.

Switch-Port Supplicant Operation

This operation provides security on links between 802.1X-aware switches. For example, suppose that 
you want to connect two switches, where:

■

Switch “A” has port 1 configured for 802.1X supplicant operation.

■

You want to connect port 1 on switch “A” to port 5 on switch “B”.

1.

When port 1 on switch “A” is first connected to a port on switch “B”, or if the ports are already 
connected and either switch reboots, port 1 begins sending start packets to port 5 on switch “B”. 

•

If, after the supplicant port sends the configured number of start packets, it does not 
receive a response, it assumes that switch “B” is not 802.1X-aware, and transitions to 
the authenticated state. If switch “B” is operating properly and is not 802.1X-aware, then 
the link should begin functioning normally, but without 802.1X security. 

•

If, after sending one or more start packets, port 1 receives a request packet from port 5, 
then switch “B” is operating as an 802.1X authenticator. The supplicant port then sends 
a response/ID packet. Switch “B” forwards this request to a RADIUS server.

RADIUS Server

Switch “A”

Port 1 Configured as an

802.1X Supplicant

Port 1

Switch “B”

Port 5

LAN Core